Total
8217 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-27184 | 3 Adobe, Apple, Microsoft | 3 After Effects, Macos, Windows | 2025-04-18 | N/A | 5.5 MEDIUM |
|
After Effects versions 25.1, 24.6.4 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
|
|||||
| CVE-2025-27186 | 3 Adobe, Apple, Microsoft | 3 After Effects, Macos, Windows | 2025-04-18 | N/A | 5.5 MEDIUM |
|
After Effects versions 25.1, 24.6.4 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
|
|||||
| CVE-2025-27187 | 3 Adobe, Apple, Microsoft | 3 After Effects, Macos, Windows | 2025-04-18 | N/A | 5.5 MEDIUM |
|
After Effects versions 25.1, 24.6.4 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
|
|||||
| CVE-2024-32622 | 1 Hdfgroup | 1 Hdf5 | 2025-04-18 | N/A | 9.1 CRITICAL |
|
HDF5 Library through 1.14.3 contains a out-of-bounds read operation in H5FL_arr_malloc in H5FL.c (called from H5S_set_extent_simple in H5S.c).
|
|||||
| CVE-2024-32607 | 1 Hdfgroup | 1 Hdf5 | 2025-04-18 | N/A | 5.7 MEDIUM |
|
HDF5 Library through 1.14.3 has a SEGV in H5A__close in H5Aint.c, resulting in the corruption of the instruction pointer.
|
|||||
| CVE-2024-32614 | 1 Hdfgroup | 1 Hdf5 | 2025-04-18 | N/A | 8.8 HIGH |
|
HDF5 Library through 1.14.3 has a SEGV in H5VM_memcpyvv in H5VM.c.
|
|||||
| CVE-2022-42510 | 1 Google | 1 Android | 2025-04-18 | N/A | 6.7 MEDIUM |
|
In StringsRequestData::encode of requestdata.cpp, there is a possible out of bounds read due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-241762656References: N/A
|
|||||
| CVE-2022-20610 | 1 Google | 1 Android | 2025-04-18 | N/A | 8.8 HIGH |
|
In cellular modem firmware, there is a possible out of bounds read due to a missing bounds check. This could lead to remote code execution with LTE authentication needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-240462530References: N/A
|
|||||
| CVE-2022-20609 | 1 Google | 1 Android | 2025-04-18 | N/A | 5.5 MEDIUM |
|
In Pixel cellular firmware, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-239240808References: N/A
|
|||||
| CVE-2022-20608 | 1 Google | 1 Android | 2025-04-18 | N/A | 5.5 MEDIUM |
|
In Pixel cellular firmware, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-239239246References: N/A
|
|||||
| CVE-2022-20606 | 1 Google | 1 Android | 2025-04-18 | N/A | 4.9 MEDIUM |
|
In SAEMM_MiningCodecTableWithMsgIE of SAEMM_RadioMessageCodec.c, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-233230674References: N/A
|
|||||
| CVE-2022-20605 | 1 Google | 1 Android | 2025-04-18 | N/A | 7.5 HIGH |
|
In SAECOMM_CopyBufferBytes of SAECOMM_Utility.c, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-231722405References: N/A
|
|||||
| CVE-2022-20604 | 1 Google | 1 Android | 2025-04-18 | N/A | 5.5 MEDIUM |
|
In SAECOMM_SetDcnIdForPlmn of SAECOMM_DbManagement.c, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure from a single device with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-230463606References: N/A
|
|||||
| CVE-2022-42512 | 1 Google | 1 Android | 2025-04-18 | N/A | 4.4 MEDIUM |
|
In VsimOperationDataExt::encode of vsimdata.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-241763050References: N/A
|
|||||
| CVE-2025-0612 | 1 Google | 1 Chrome | 2025-04-18 | N/A | 7.5 HIGH |
|
Out of bounds memory access in V8 in Google Chrome prior to 132.0.6834.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
|
|||||
| CVE-2022-42532 | 1 Google | 1 Android | 2025-04-17 | N/A | 4.4 MEDIUM |
|
In Pixel firmware, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-242332610References: N/A
|
|||||
| CVE-2022-42524 | 1 Google | 1 Android | 2025-04-17 | N/A | 7.5 HIGH |
|
In sms_GetTpUdlIe of sms_PduCodec.c, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-243401445References: N/A
|
|||||
| CVE-2022-42522 | 1 Google | 1 Android | 2025-04-17 | N/A | 4.4 MEDIUM |
|
In DoSetCarrierConfig of miscservice.cpp, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-243130038References: N/A
|
|||||
| CVE-2022-42517 | 1 Google | 1 Android | 2025-04-17 | N/A | 4.4 MEDIUM |
|
In MiscService::DoOemSetTcsFci of miscservice.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-241763682References: N/A
|
|||||
| CVE-2022-42516 | 1 Google | 1 Android | 2025-04-17 | N/A | 4.4 MEDIUM |
|
In ProtocolSimBuilderLegacy::BuildSimGetGbaAuth of protocolsimbuilderlegacy.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-241763577References: N/A
|
|||||
| CVE-2022-42515 | 1 Google | 1 Android | 2025-04-17 | N/A | 4.4 MEDIUM |
|
In MiscService::DoOemSetRtpPktlossThreshold of miscservice.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-241763503References: N/A
|
|||||
| CVE-2022-42514 | 1 Google | 1 Android | 2025-04-17 | N/A | 4.4 MEDIUM |
|
In ProtocolImsBuilder::BuildSetConfig of protocolimsbuilder.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-241763298References: N/A
|
|||||
| CVE-2023-49552 | 1 Cesanta | 1 Mjs | 2025-04-17 | N/A | 7.5 HIGH |
|
An Out of Bounds Write in Cesanta mjs 2.20.0 allows a remote attacker to cause a denial of service via the mjs_op_json_stringify function in the msj.c file.
|
|||||
| CVE-2022-42530 | 1 Google | 1 Android | 2025-04-17 | N/A | 4.4 MEDIUM |
|
In Pixel firmware, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-242331893References: N/A
|
|||||
| CVE-2022-42543 | 1 Google | 1 Android | 2025-04-17 | N/A | 4.4 MEDIUM |
|
In fdt_path_offset_namelen of fdt_ro.c, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-249998113References: N/A
|
|||||
| CVE-2022-47520 | 3 Debian, Linux, Netapp | 12 Debian Linux, Linux Kernel, H300s and 9 more | 2025-04-17 | N/A | 7.1 HIGH |
|
An issue was discovered in the Linux kernel before 6.0.11. Missing offset validation in drivers/net/wireless/microchip/wilc1000/hif.c in the WILC1000 wireless driver can trigger an out-of-bounds read when parsing a Robust Security Network (RSN) information element from a Netlink packet.
|
|||||
| CVE-2022-44940 | 1 Patchelf Project | 1 Patchelf | 2025-04-17 | N/A | 9.1 CRITICAL |
|
Patchelf v0.9 was discovered to contain an out-of-bounds read via the function modifyRPath at src/patchelf.cc.
|
|||||
| CVE-2022-42946 | 1 Autodesk | 1 Maya | 2025-04-17 | N/A | 7.1 HIGH |
|
Parsing a maliciously crafted X_B and PRT file can force Autodesk Maya 2023 and 2022 to read beyond allocated buffer. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.
|
|||||
| CVE-2025-3015 | 1 Assimp | 1 Assimp | 2025-04-17 | 7.5 HIGH | 6.3 MEDIUM |
|
A vulnerability classified as critical has been found in Open Asset Import Library Assimp 5.4.3. This affects the function Assimp::ASEImporter::BuildUniqueRepresentation of the file code/AssetLib/ASE/ASELoader.cpp of the component ASE File Handler. The manipulation of the argument mIndices leads to out-of-bounds read. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 6.0 is able to address this issue. The patch is n ...
Show More |
|||||
| CVE-2024-11614 | 2025-04-17 | N/A | 7.4 HIGH | ||
|
An out-of-bounds read vulnerability was found in DPDK's Vhost library checksum offload feature. This issue enables an untrusted or compromised guest to crash the hypervisor's vSwitch by forging Virtio descriptors to cause out-of-bounds reads. This flaw allows an attacker with a malicious VM using a virtio driver to cause the vhost-user side to crash by sending a packet with a Tx checksum offload request and an invalid csum_start offset.
|
|||||
| CVE-2022-46320 | 1 Huawei | 2 Emui, Harmonyos | 2025-04-16 | N/A | 9.8 CRITICAL |
|
The kernel module has an out-of-bounds read vulnerability. Successful exploitation of this vulnerability may cause memory overwriting.
|
|||||
| CVE-2022-46317 | 1 Huawei | 2 Emui, Harmonyos | 2025-04-16 | N/A | 7.5 HIGH |
|
The power consumption module has an out-of-bounds read vulnerability. Successful exploitation of this vulnerability may affect system availability.
|
|||||
| CVE-2024-34246 | 1 Wasm3 Project | 1 Wasm3 | 2025-04-16 | N/A | 7.5 HIGH |
|
wasm3 v0.5.0 was discovered to contain an out-of-bound memory read which leads to segmentation fault via the function "main" in wasm3/platforms/app/main.c.
|
|||||
| CVE-2022-22742 | 1 Mozilla | 3 Firefox, Firefox Esr, Thunderbird | 2025-04-16 | N/A | 6.5 MEDIUM |
|
When inserting text while in edit mode, some characters might have lead to out-of-bounds memory access causing a potentially exploitable crash. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5.
|
|||||
| CVE-2022-28285 | 1 Mozilla | 3 Firefox, Firefox Esr, Thunderbird | 2025-04-16 | N/A | 6.5 MEDIUM |
|
When generating the assembly code for <code>MLoadTypedArrayElementHole</code>, an incorrect AliasSet was used. In conjunction with another vulnerability this could have been used for an out of bounds memory read. This vulnerability affects Thunderbird < 91.8, Firefox < 99, and Firefox ESR < 91.8.
|
|||||
| CVE-2025-27204 | 3 Adobe, Apple, Microsoft | 3 After Effects, Macos, Windows | 2025-04-15 | N/A | 5.5 MEDIUM |
|
After Effects versions 25.1, 24.6.4 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
|
|||||
| CVE-2025-27202 | 3 Adobe, Apple, Microsoft | 3 Animate, Macos, Windows | 2025-04-15 | N/A | 5.5 MEDIUM |
|
Animate versions 24.0.7, 23.0.10 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
|
|||||
| CVE-2025-27201 | 3 Adobe, Apple, Microsoft | 3 Animate, Macos, Windows | 2025-04-15 | N/A | 5.5 MEDIUM |
|
Animate versions 24.0.7, 23.0.10 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
|
|||||
| CVE-2022-31747 | 1 Mozilla | 3 Firefox, Firefox Esr, Thunderbird | 2025-04-15 | N/A | 9.8 CRITICAL |
|
Mozilla developers Andrew McCreight, Nicolas B. Pierron, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 100 and Firefox ESR 91.9. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird < 91.10, Firefox < 101, and Firefox ESR < 91.10.
|
|||||
| CVE-2025-31354 | 2025-04-15 | N/A | 4.3 MEDIUM | ||
|
Subnet Solutions PowerSYSTEM Center's SMTPS notification service can be affected by importing an EC certificate with crafted F2m parameters, which can lead to excessive CPU consumption during the evaluation of the curve parameters.
|
|||||